dash-google-auth icon indicating copy to clipboard operation
dash-google-auth copied to clipboard
verified publisher icon lchapo

Wildcard authorized emails?

Open brylie opened this issue 7 years ago • 5 comments

How might one allow wildcard email authorization? E.g. all emails for a Google authentication domain, such as a company's staff. Is there an approach to enable all organization users, or specific email domains?

brylie avatar Oct 16 '18 09:10 brylie

The simplest solution is to modify the auth function here to something like: if email.endswith("@mycompany.com"):

An even better approach would be to store authorized emails in a database and have the auth function do a lookup against that database.

lchapo avatar Oct 16 '18 13:10 lchapo

I'm using this approach at the moment:

from fnmatch import fnmatch

class GlobList(list):
    """Glob list"""

    def __contains__(self, key) -> bool:
        """Check if key in list or matches patterns in list."""

        if super().__contains__(key):
            return True

        for k in self:
            if fnmatch(key, k):
                return True

        return False

and setting:

authorized_emails = GlobList(['*@example.com', '[email protected]'])
auth = GoogleOAuth(app, authorized_emails)

joshbode avatar Oct 26 '18 06:10 joshbode

@joshbode, this would be a really good addition to the README, or some similar documentation! :-)

brylie avatar Oct 26 '18 09:10 brylie

The simplest solution is to modify the auth function here to something like: if email.endswith("@mycompany.com"):

An even better approach would be to store authorized emails in a database and have the auth function do a lookup against that database.

Your url doesn't seem to be working.

ghost avatar Nov 27 '18 20:11 ghost

@VedantRuparelia whoops, linked to a private repo. Fixed my comment above (new link)

lchapo avatar Nov 27 '18 20:11 lchapo